####################################################################
DELL(TM) REMOTE ACCESS CONTROLLER (DRAC) 4
####################################################################
This document contains updated information about the Dell Remote Access Controller 4 (DRAC 4/I and DRAC 4/P).
For more information about DRAC 4, including installation and configuration information, see the "Dell Remote Access Controller 4 User's Guide" and the "Dell OpenManage(TM) Server Administrator User's Guide." These documents are located on your product documentation CD.
#################################################################### TABLE OF CONTENTS ####################################################################
This file contains the following sections:
* Criticality
* Minimum Requirements
* Release Highlights
* Known Issues for DRAC 4
* Known Issues for Managed Server Operating Systems
* Known Issues for Documentation
#################################################################### CRITICALITY ####################################################################
3 - Optional
#################################################################### MINIMUM REQUIREMENTS ####################################################################
The following subsections list operating systems that are compatible with the Dell Remote Access Controller (DRAC) 4.
======SUPPORTED SYSTEMS ======
DRAC 4/I is supported on the following Dell PowerEdge(TM) systems: 1850, 2800, and 2850
file:///T|/htdocs/SOFTWARE/smdrac3/drac4/1.35/en/readme/DRAC4Readme.txt[10/26/2012 10:06:04 AM] DRAC 4/P is supported on the following PowerEdge systems: 800, 830, 840, 850, 860, 1800, 6800, and 6850
======SUPPORTED MANAGED SERVER OPERATING SYSTEMS ======
The DRAC 4 is supported on the following operating systems:
* Microsoft(R) Windows Server(R) 2003 family
The Windows Server 2003 family includes Windows Server 2003 SP1 (Standard, Enterprise, and Web Editions), Microsoft Windows Server 2003 (R2) (Standard, Enterprise, and Web Editions), Windows Server 2003 x64 (Standard and Enterprise Editions), and Windows Small Business Server (SBS) 2003 SP1.
* Microsoft Windows(R) 2000 Server family
The Windows 2000 Server family includes Windows 2000 Server and Windows 2000 Advanced Server. NOTE: Virtual Media requires Service Pack 4.
* Red Hat(R) Enterprise Linux AS, ES, and WS (version 3) for Intel(R) Extended Memory 64 Technology (Intel EM64T) and Intel x86
* Red Hat Enterprise Linux AS, ES, and WS (version 4) for Intel EM64T and Intel x86
* Novell(R) NetWare(R) version 6.5 (Service Pack 1 or later) NOTE: This version of NetWare does not support Virtual Media.
* SUSE(R) Linux Enterprise Server (version 9) with Update 3 for Intel EM64T
* Added support for SUSE Linux Enterprise Server (version 10), on Intel Extended Memory 64 Technology (Intel EM64T) systems.
NOTE: DRAC 4 support on SUSE Linux Enterprise Server (version 10) is limited to the Manage Node and to the CLI only. DRAC 4 does not support the Out of Band GUI on the Management station.
======SUPPORTED WEB BROWSERS ======
* 32-bit versions of Microsoft Internet Explorer 6.0 on Windows
* 32-bit versions of Mozilla 1.6 (or later) on Red Hat Enterprise Linux
* Firefox 1.0 and 1.0.1 for Red Hat Enterprise Linux version 4
file:///T|/htdocs/SOFTWARE/smdrac3/drac4/1.35/en/readme/DRAC4Readme.txt[10/26/2012 10:06:04 AM] NOTE: Localized Keyboard support requires JVM 1.4.2 on Red Hat Enterprise Linux configurations. DRAC 4 does not support JVM 1.5 (141766)
Virtual Media requires Internet Explorer on a Windows-based management workstation, or Mozilla, on a Red Hat Enterprise Linux-based management workstation.
NOTE: All browsers must have Sun(TM) Java VM Plug-in 1.4.2 or later installed to use the DRAC 4 Console Redirection feature. The Java cache must be cleared and disabled from the Java plug-in control panel. On the Windows operating system, perform the following steps to clear and disable the Java cache:
1. Click "Settings"->"Control Panel"->"Java Plug-in." 2. Click the "Cache" tab. 3. Click "Clear." 4. Deselect the "Enable Caching" check box to disable the cache. 5. Click "Apply." 6. Close and restart the browser.
NOTE: When upgrading the DRAC 4 firmware, temporary Internet files should be deleted. When using Internet Explorer on systems running Microsoft Windows, perform the following steps to delete the temporary files:
1. In Internet Explorer, on the "Tools" menu, click "Internet Options." 2. On the "General" tab, click "Delete Files." 3. Click "OK" on the next message to confirm.
======SUPPORTED FIRMWARE VERSIONS ======
RAC Firmware Version: 1.35 RAC IDE Option ROM version: 341027
#################################################################### RELEASE HIGHLIGHTS ####################################################################
* Reinstated support for racadm subcommand "getmodinfo."
* Virtual Media is now compatible with Microsoft Windows Index Service. (25570)
* This release fixes an issue under some Red Hat Enterprise Linux 4 configurations where the DRAC 4 firmware update may fail if Dell Server Assistant (DSA) was not used to install the operating system and Dell OpenManage Server Administrator is not currently installed on the host server where the update is being performed.
* Added PE840 and PE860 to the servers supported by the repair file:///T|/htdocs/SOFTWARE/smdrac3/drac4/1.35/en/readme/DRAC4Readme.txt[10/26/2012 10:06:04 AM] mode floppy diskettes.
#################################################################### KNOWN ISSUES FOR DRAC 4 ####################################################################
The following subsections list the known issues regarding the implementation and operation of the DRAC 4:
* You must disable the Internet Explorer Enhanced Security Configuration component to use the Virtual Media Active X Plugin on Microsoft Windows Server 2003 Internet Explorer. (24901)
* When adding Active Directory Universal Groups from separate domains, you must create an Association Object with Universal Scope. The Default Association objects created by the Dell Schema Extender Utility are Domain Local Groups only and will not work with Universal Groups from other domains. (33658)
* The Virtual Floppy is not available during an Operating System installation that uses either the virtual CDROM or the local CDROM.
* The Microsoft Windows 2003 R2 operating system may show the following events in the System Event Log (SEL) when a graceful shutdown event, OS runtime stop event, or OS OEM event occurs:
System Event: Unknown Sensor type sensor unknown sensor status System Event: Unknown Sensor status System Event: OS watchdog unknown sensor status
* In previous DRAC 4 releases, the DRAC 4 sometimes stopped booting, which then required that you re-install the DRAC firmware using the firmware repair diskettes. This issue has been resolved in this release and should no longer occur. (153802)
* The DRAC 4 does not check the static IP address and netmask for validity, other than verifying the values are between 0 and 255, and that the result is not 0.0.0.0 or 255.255.255.255. (152586)
* When upgrading the DRAC 4 firmware from version 1.0, the cfgDNSRacName property in the cfgLanNetworking group cannot contain an underscore ("_"). You can substitute a different character in the property, such as a dash ("-"), to perform the upgrade. An example of a valid racadm command to set this property is:
racadm config -g cfgLanNetworking -o cfgDNSRacName RAC-xxxx
(151550)
* An Active Directory security certificate dated with a GMT file:///T|/htdocs/SOFTWARE/smdrac3/drac4/1.35/en/readme/DRAC4Readme.txt[10/26/2012 10:06:04 AM] timestamp will be valid only after the RAC local time has passed this timestamp value. The RAC only recognizes local time. (150993)
* The DRAC 4 software requires APIC mode on the server. PIC mode is not supported. (149034)
* When a user makes the initial connection to the DRAC 4 via SSH but has not yet authenticated, other users are prevented from connecting to the single DRAC 4 SSH session until the initial connection is dropped or after the timeout. The initial connection is dropped after a failed login attempt or in approximately 30 seconds if authentication is not attempted. (150493)
* When connecting to a remote DRAC 4 using a Mozilla Web browser, version 1.7 or newer, the Virtual Media feature may not be available. The browser displays the error: "Virtual Media Plug-in is not installed or running." This issue is caused by new security features included in the Mozilla browser, which prevent automatic plugin installation. Perform the following steps to manually install the plugin for that specific browser:
1. Log in to DRAC 4 and navigate to the "Properties" page.
2. Change the Web address in the browser window from "https://
Mozilla prompts you with an "Opening rac4vm.xpi" dialog, allowing you to save the file to your local file system.
3. Click "OK" and save the file to a temporary location (for example: /tmp/rac4vm.xpi).
4. Log out of the DRAC 4, and then specify the Web address of the "rac4vm.xpi" file (for example: file:///tmp/rac4vm.xpi).
5. Mozilla displays the "Software Installation" dialog: Click the "Install" button to continue.
6. After installation completes, close the browser, and delete the "/tmp/rac4vm.xpi" file.
7. Now, restart the browser, log in to DRAC 4, and navigate to the Virtual Media link to use the Virtual Media features.
(150565)(150820)
* The wildcard option "*" in the command "racadm getssninfo -u *" may require quotes in some operating system environments, for example:
racadm getssninfo -u "*"
(145872) file:///T|/htdocs/SOFTWARE/smdrac3/drac4/1.35/en/readme/DRAC4Readme.txt[10/26/2012 10:06:04 AM] * The "Boot Once" feature allows DRAC 4 to boot from a remote floppy or a CDROM only once. When this feature is used, the DRAC 4 will drop the client connection to the Virtual Media plug-ins on the second system boot. This feature is useful for operating system installation, where "bootstrap" media is typically used to copy the new operating system to the target system.
A new object named "cfgVirtualBootOnce" has been added to the Virtual Media configuration group "cfgRacVirtual." This object can be set to TRUE or FALSE. The default state is FALSE. When the state is TRUE, the DRAC 4 firmware will monitor system boots and drop the client Virtual Media connection on the second system boot. This will cause the system to boot only once from a bootable remote floppy/CD. On the second boot the value of "cfgVirtualBootOnce" will be reset to FALSE.
* The DRAC 4 Web-based interface does not display the connection status of the Command Line Interface Virtual Media. (145750).
* While generating a Certificate Signing Request (CSR) (using "racadm sslcsrgen -g"), the local racadm interface on the host becomes unavailable. Use remote racadm or the racadm available on serial or telnet command lines instead. (128951)
* A device that is present on the system, but which is currently locked for exclusive use by another application is not selectable for use as Virtual Media. To make the device available, the other application must be closed. When the application is closed, click the "Refresh" button on the Virtual Media page to be able to select the device entry. (140665)
* DDNS events can be found in the trace log. This log is viewable by using the "gettracelog" command on the Web-based interface Diagnostics page or by using "racadm gettracelog". (142025)
* The DRAC 4 Managed Node software must be installed for accurate population of the "Hostname", "OS Name", and "OS Type" information fields in the Web-based interface and racadm getsysinfo command. (138737)
* The DRAC 4 Console Redirection remains active even after the GUI has timed out. (140522)
* An expired SSH session will return the error message "Warning: Idle Timeout Expired" only after a carriage return has been entered. You will then be returned to the shell from which SSH was invoked. (139801)
* If there is a video corruption while using Console Redirection, you can refresh the Console Redirect screen by clicking "Refresh" on the Console Redirect window. You may need to click "Refresh" multiple times to correct the video corruption problem. (140915)
file:///T|/htdocs/SOFTWARE/smdrac3/drac4/1.35/en/readme/DRAC4Readme.txt[10/26/2012 10:06:04 AM] * The last user in the "cfgUserAdmin" group cannot be deleted.
* Virtual Media supports single session/single track, CD/DVD/image data. (140403)
* The DRAC 4 will accept a Virtual Media connection to a disabled virtual drive. This allows you to connect to the system and enable the virtual drive for the next boot (the enable/disable feature for Virtual Media does not take effect until the next boot). (144613)
* Manually removing or modifying either the A record or TXT record associated with the "cfgDNSRacName", via the DNS server administrative interface will cause unexpected results.
* When the RAC name ("cfgDNSRacName") is not the default name ("RAC-
* The RAC will reset its NIC every 30 seconds when the network is idle, to guarantee operational physical hardware mechanisms.
* The DRAC 4 DDNS implementation requires that DNS servers be configured to allow non-secure updates.
* If the network bandwidth is low and Console Redirection is required, the key repetition rate should be set to slow on the server.
* The PuTTY SSH client closes the connection when "gettracelog", "getsel", "connect com2", or "connect -h com2" is executed. This is a PuTTY client issue. The OpenSSH client works correctly.
* When a telnet login is invalid, a single session is counted towards the maximum of four sessions for approximately one minute after the invalid login attempt. If there are already three valid sessions, this invalid session will prevent further login attempts for that minute.
* If you run the Nessus Vulnerability test on the DRAC 4, you may see the following vulnerabilities reported:
- Nessus reports HTTP (80/tcp) vulnerability as: "The remote proxy is vulnerable to format strings attacks when issued a badly-formed user name. This flaw allows an attacker to execute arbitrary code on this host."
This report is displayed due to all HTTP requests (legal or not) being forwarded by the DRAC 4 to HTTPS. It is not a security issue on the DRAC 4.
- Nessus reports HTTP (80/tcp) vulnerability as: "It may be possible to make a web server execute arbitrary code by sending it a too file:///T|/htdocs/SOFTWARE/smdrac3/drac4/1.35/en/readme/DRAC4Readme.txt[10/26/2012 10:06:04 AM] long URL after/jsp. Ie: GET /jsp/AAAA.....AAAAA.”
This report is displayed due to all HTTP requests (legal or not) being forwarded by the DRAC 4 to HTTPS. It is not a security issue on the DRAC 4.
- Nessus reports HTTP (80/tcp) vulnerability as: "It was possible to disable the remote IIS server by making a specially formed PROPFIND request.”
This report is displayed due to all HTTP requests (legal or not) being forwarded by the DRAC 4 to HTTPS. It is not a security issue on the DRAC 4.
- Nessus reports HTTPS (443/tcp) vulnerability as: "The remote web server is vulnerable to a format string attack. If it is ePolicy Orchestrator, an attacker may use this flaw to execute code with the SYSTEM privileges on this host.”
The DRAC 4 returns Error 414 with an unsupported long format string in the GET operation. This operation is correct and should not cause any security vulnerability.
- Nessus reports syslog (514/udp) vulnerability as: "WinSyslog is an enhanced syslog server for Windows. A vulnerability in the product allows remote attackers to cause the WinSyslog to freeze, which in turn will also freeze the operating system on which the product executes.”
Since the DRAC 4 does not support WinSyslog port 514, the Nessus plug-in gets confused. This report is not a security issue on the DRAC 4.
* The DRAC 4 racadm, version 4.0.0, does not support management of remote ERA/MC DRAC configurations. ERA/MC configurations should continue to be managed by the racadm utility that officially supports the ERA/MC configuration.
* DRAC 4 allows CA Enterprise Root Server and all user type certificates to be uploaded into the DRAC 4 Web server, which causes client Web browser SSL authentication failure. To avoid this error, upload only the X509 Web Server-type certificates into the DRAC 4 (select only the Web browser type in Microsoft certificate generating utility).
* If you are using Minicom as the DRAC 4 serial terminal and have the Minicom status line enabled, resize the window to 80 x 26. Resizing allows for 26 lines of text and one line of Minicom status. The default Minicom command key is "
* Server Administrator registers DRAC 4 on DNS if you click the "Register DRAC 4 on DNS" check box in the Configuration Tab Network file:///T|/htdocs/SOFTWARE/smdrac3/drac4/1.35/en/readme/DRAC4Readme.txt[10/26/2012 10:06:04 AM] page. This action deactivates the following controls: "DNS DRAC 4 Name", "Use DHCP DNS Domain Name", and "DNS Domain Name." If the "Use DHCP DNS Domain Name" control is activated, the DHCP DNS Domain Name is used to register the DRAC 4 on DNS. Else, the DNS entered in the "DNS Domain Name" is used.
* The DNS DRAC Name is a string of up to 63 alphanumeric ASCII characters or dash (-). The DRAC 4 web-based interface only allows the DNS DRAC 4 Name field in the "Network Configuration" page to be set with values smaller than 63 characters. The DNS Domain Name is a string of up to 254 alphanumeric ASCII characters, dot (.) or dash (-). This name cannot begin with a dot. The DRAC 4 web-based interface only allows the DNS Domain Name field in the "Network Configuration" page to be set with values smaller than 80 characters. (140875)
###################################################################### KNOWN ISSUES FOR MANAGED SERVER OPERATING SYSTEMS ######################################################################
The following sections provide additional information about known issues with operating systems.
======ISSUES FOR NETWARE OPERATING SYSTEM ======
* When using local racadm to configure a DRAC 4 in NetWare, if the DRAC 4 PCI interrupt is shared with other PCI devices the spurious interrupt count may increase. This known issue is not known to cause any abnormal system behavior. The following message may be seen on the console:
WARNING: 200 spurious (unclaimed) interrupt(s) detected on interrupt 24. Spurious interrupt alerts occur when an interrupt is not claimed by any of the registered handlers for that interrupt. (130450)
* When a remote "Reset", "Power Off", or "Power Cycle" is issued through the DRAC 4 on NetWare, some NetWare applications may require user interaction to close application windows. If this action is necessary, you should use the DRAC 4 Console Redirection to manually close the application windows to allow NetWare to shut down.
======ISSUES FOR RED HAT ENTERPRISE LINUX OPERATING SYSTEM ======
* Servers running Red Hat Enterprise Linux version 4 will log an informational message in /var/log/messages when the virtual CDROM is enabled and there is no connection to a virtual media client. No corrective action is needed. The warning message will look like this example:
file:///T|/htdocs/SOFTWARE/smdrac3/drac4/1.35/en/readme/DRAC4Readme.txt[10/26/2012 10:06:04 AM] Dec 1 10:16:28 r2p2 kernel: Device not ready. Make sure there is a disc in the drive
* Servers running Red Hat Enterprise Linux version 4 should use the SCSI-IDE driver rather the native IDE driver to avoid system errors when the DRAC 4 is reset. To do this, add "hdf=ide-scsi" on the grub command line in /boot/grub/grub.conf (if "hdf" is your virtual CD drive.) Verify that "hdf" is your virtual CD drive by checking /proc/ide/hdf/model. Other virtual CD drive names include "hde". The command line may look like this before it is modified:
kernel /vmlinuz-2.6.9-5.Elsmp ro root=/dev/md2 rhgb quiet
After modification, it should look like this:
kernel /vmlinuz-2.6.9-5.Elsmp ro root=/dev/md2 rhgb quiet hdf=ide-scsi
The SCSI layer will take the virtual CD-ROM device off-line when the RAC card is reset. To bring it back online, issue the following two commands:
echo "scsi remove-single-device 4 0 0 0" >/proc/scsi/scsi echo "scsi add-single-device 4 0 0 0" >/proc/scsi/scsi
"4 0 0 0" represents the host, channel, ID, and lun of the virtual CD drive. This is available in /proc/scsi/scsi, even after the device is off-line. The "0 0 0" should not change, but the "4" may change depending on how many other SCSI hosts are present in the system. (141372)
* In modular Red Hat Enterprise Linux kernels, USB flash drives require the sd_mod (scsi disk module) to be loaded. If a Red Hat Enterprise Linux-based Virtual Media client system has no SCSI disks, the sd_mod may not load during the startup and will require manual loading. To load sd_mod manually, type this command as the root user:
modprobe sd_mod (140798)
* When the DRAC 4 resets, the virtual drives disappear. On Red Hat Enterprise Linux version 4, hotplug IDE is not supported - the system may hang when a remount of the virtual drives is attempted. Do not attempt to remount virtual drives after a firmware update; you must restart the server to regain access to the drives.
* When using Console Redirection on a managed system running Red Hat Enterprise Linux, the focus (cursor moved back over an object) follows the cursor. Occasionally, the text windows in Console Redirection lose focus. Before attempting to type in a text window in a Console Redirection window, click the mouse in the text window's space bar or top menu bar to ensure that your target text window has the focus on the correct window or application that you file:///T|/htdocs/SOFTWARE/smdrac3/drac4/1.35/en/readme/DRAC4Readme.txt[10/26/2012 10:06:04 AM] are attempting to use.
* Red Hat Enterprise Linux (version 4) operating system requires an updated driver (ide-scsi) for the virtual CD to work. This driver is available on the "Dell PowerEdge Service and Diagnostics" CD.
##################################################################### KNOWN ISSUES FOR DOCUMENTATION #####################################################################
This section provides additional information about known issues with the DRAC 4 Firmware version 1.30 User's Guide.
* On page 179 the second setrac example which states "The UTC time and managed system name are..." should read "The managed system name is..."
######################################################################
Information in this document is subject to change without notice. (C) 2005-2006 Dell Inc. All rights reserved.
Reproduction in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.
Trademarks used in this text: "Dell", "PowerEdge", and "Dell OpenManage" are trademarks of Dell Inc.; "Microsoft", "Windows", and "Windows Server" are registered trademarks of Microsoft Corporation; "Red Hat" is a registered trademark of Red Hat, Inc; "SUSE", "Novell", and "NetWare" are registered trademarks of Novell, Inc. "Sun" is a trademark of Sun Microsystems.
Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.
August 2006
file:///T|/htdocs/SOFTWARE/smdrac3/drac4/1.35/en/readme/DRAC4Readme.txt[10/26/2012 10:06:04 AM]